Saved in:
Bibliographic Details
Main Authors: Netto, V. H. de Moura, Cholez, T., Ignat, C. -L.
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2505.01139
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866910155004706816
author Netto, V. H. de Moura
Cholez, T.
Ignat, C. -L.
author_facet Netto, V. H. de Moura
Cholez, T.
Ignat, C. -L.
contents The InterPlanetary File System (IPFS) is a decentralized peer-to-peer (P2P) storage built on Kademlia, a Distributed Hash Table (DHT) structure commonly used in P2P systems and known for its proved scalability. However, DHTs susceptible to Sybil attacks, where a single entity controls multiple malicious nodes. Recent studies have shown that IPFS is affected by a passive content eclipse attack, leveraging Sybils, in which adversarial nodes hide received indexed information from other peers, making the content appear unavailable. Fortunately, the latest mitigation strategy coupling an attack detection based on statistical tests and a wider publication strategy upon detection was able to circumvent it. In this work, we present a new active attack in which malicious nodes return semantically correct but intentionally false data. The attack leverages strategic Sybil placement to evade detection and exploits an early termination in the actual Kubo, the main IPFS implementation. It achieves to fully eclipse content on recent Kubo versions. When evaluated against the most recent known mitigation, it successfully denies access to the target content in approximately 80% of lookup attempts. To address this vulnerability, we propose a new mitigation called SR-DHT-Store, which enables efficient, Sybil-resistant content publication without relying on attack detection. Instead, it uses systematic and precise use of region-based queries based on a dynamically computed XOR distance to the target ID. SR-DHT-Store can be combined with other defense mechanisms, fully mitigating passive and active Sybil attacks at a lower overhead while supporting an incremental deployment.
format Preprint
id arxiv_https___arxiv_org_abs_2505_01139
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Active Sybil attack and efficient defense strategy in IPFS DHT
Netto, V. H. de Moura
Cholez, T.
Ignat, C. -L.
Cryptography and Security
The InterPlanetary File System (IPFS) is a decentralized peer-to-peer (P2P) storage built on Kademlia, a Distributed Hash Table (DHT) structure commonly used in P2P systems and known for its proved scalability. However, DHTs susceptible to Sybil attacks, where a single entity controls multiple malicious nodes. Recent studies have shown that IPFS is affected by a passive content eclipse attack, leveraging Sybils, in which adversarial nodes hide received indexed information from other peers, making the content appear unavailable. Fortunately, the latest mitigation strategy coupling an attack detection based on statistical tests and a wider publication strategy upon detection was able to circumvent it. In this work, we present a new active attack in which malicious nodes return semantically correct but intentionally false data. The attack leverages strategic Sybil placement to evade detection and exploits an early termination in the actual Kubo, the main IPFS implementation. It achieves to fully eclipse content on recent Kubo versions. When evaluated against the most recent known mitigation, it successfully denies access to the target content in approximately 80% of lookup attempts. To address this vulnerability, we propose a new mitigation called SR-DHT-Store, which enables efficient, Sybil-resistant content publication without relying on attack detection. Instead, it uses systematic and precise use of region-based queries based on a dynamically computed XOR distance to the target ID. SR-DHT-Store can be combined with other defense mechanisms, fully mitigating passive and active Sybil attacks at a lower overhead while supporting an incremental deployment.
title Active Sybil attack and efficient defense strategy in IPFS DHT
topic Cryptography and Security
url https://arxiv.org/abs/2505.01139